Re: Welcome to tcpdump-workers

["Terry Bogard" <terrybogard4 () hotmail com>]

I'm using winpcap/libpcap in an MFC multi-threaded project to sniff packets 
on my LAN - so that all the devices on my LAN are detected & profiled -  
it's basically a LAN Device management utility.  I'm using  pcap_open_dev()
pcap_open_live() (with tm_ms=0 - so unlimited , promisc = 1) , 
pcap_lookupnet  and then finally pcap_next() in a loop to sniff packets.  
the callback function is defined to be pcap_oneshot, which is processing 
each packet .  I'm posting because my application is working really slow & 
the lan devices are taking a long time to be detected.  I've even tried 
using pcap_dispatch so that i can test with a variable value for the cnt 
parameter - but that hasn't helped.  I'm looking for a way to improve this 
packet sniffing - by adjustment of parameters somewhere - or by writing my 
own low-level code.  But I need your help with this.  what parameters can i 
adjust in any of the winpcap functions, or the packet driver - that would 
help speed up this packet sniffing?  Or how would I go about doing this? My 
LAN consists of 8 devices running Windows O/S.  Oh I'm using the Windows 
version of libpcap.  Any help would be greatly appreciated.


Thanks.


Saad




> From: Majordomo () sandelman ottawa on ca
> Reply-To: Majordomo () sandelman ottawa on ca
> To: terrybogard4 () hotmail com
> Subject: Welcome to tcpdump-workers
> Date: Wed, 19 Mar 2003 14:42:56 -0500 (EST)
>
> --
>
> Welcome to the tcpdump-workers mailing list!
>
> Please save this message for future reference.  Thank you.
>
> If you ever want to remove yourself from this mailing list,
> send the following command in email to
> <tcpdump-workers-request () sandelman ottawa on ca>:
>
>     unsubscribe
>
> Or you can send mail to <Majordomo () sandelman ottawa on ca> with the 
> following
> command in the body of your email message:
>
>     unsubscribe tcpdump-workers
>
> or from another account, besides terrybogard4 () hotmail com:
>
>     unsubscribe tcpdump-workers terrybogard4 () hotmail com
>
> If you ever need to get in contact with the owner of the list,
> (if you have trouble unsubscribing, or have questions about the
> list itself) send email to <owner-tcpdump-workers () sandelman ottawa on ca> .
> This is the general rule for most mailing lists when you need
> to contact a human.
>
>  Here's the general information for the list you've subscribed to,
>  in case you don't already have it:
>
>
>    tcpdump logo
>
>    CVS Files Files Mail Help Projects
>
>    This  page  was  started  to  collect  various  patches that have been
>    floating  around  for  LBL's  tcpdump  and  libpcap  programs,  and to
>    continue the work needed on both projects.
>
> Mirrors
>
>    There  are  some  mirrors of this page that might be closer to you, or
>    just generally faster.
>
> Documentation
>
>    Full  documentation  is  provided with the source packages in man page
>    format.  People  with  Windows  distributions  are  best  to check the
>    Windows  PCAP page for references to WinDUMP. What follows are the man
>    pages formatted to HTML using man2html.
>      * tcpdump.1
>      * pcap.3
>      * PCAP tutorial by timcarst at yahoo dot com.
>      * NAU's  Computer  Systems  Engineering  has  a  tutorial  on  using
>        libpcap.
>
> TCPDUMP 3.7
>
>    TCPDUMP  version 3.7.1 has been released. This is the first release of
>    tcpdump 3.7.
>
>    There are many changes to tcpdump in past year. See the change log for
>    brief  summary  (55 lines of them). If you want more in depth details,
>    please see the CVS log summary for 2001..
>
>    No current binaries are available.
>      * tcpdump-3.7.1.tar.gz (changelog)
>      * libpcap-0.7.1.tar.gz (changelog)
>
> TCPDUMP 3.6
>
>    TCPDUMP  version 3.6.1 was released on January 10, 2001, and 3.6.2 was
>    released  on February 5, 2001. 3.6.2 fixes problems compiling on older
>    Linux distributions. The current version is 3.6.2 (0.6.2 for libpcap).
>
>    Binaries for some platforms are available. If you can offer binary/RPM
>    distributions, please contact tcpdump-workers () tcpdump org.
>      * tcpdump-3.6.2.tar.gz (changelog)
>      * libpcap-0.6.2.tar.gz (changelog)
>
> Common problems
>
>    A FAQ is being developed.
>
> Anonymous CVS
>
>    There  is  an  anonymous  CVS server from which the latest versions of
>    libpcap and tcpdump can be retrieved. To checkout a copy, do:
>
> cvs -d :pserver:tcpdump () cvs tcpdump org:/tcpdump/master login
>
>    Use the password "anoncvs"
>
> cvs -d :pserver:tcpdump () cvs tcpdump org:/tcpdump/master checkout libpcap
> tcpdump
>
>    One  can  then  configure  and  compile  the source via the normal GNU
>    autoconf method.
>
> CVSWeb
>
>    You can browse the current repository using cvsweb.
>
> Current Tar files
>
>    One  can download the day's files here. They are produced from the CVS
>    repository  at  4am  EST every night. They include the appropriate CVS
>    control  files,  so  that  one  can  download  these files and then do
>    updates.
>      * tcpdump-current.tar.gz
>      * libpcap-current.tar.gz
>
>    The  dailies  are kept for 14 days. If you wish to reference something
>    more permanent (no promises!!!) then you might want the weeklies.
>
> Mailing lists
>
>    There are two mailing lists that have been set up:
>
>    tcpdump-announce () tcpdump org
>           This list is for announcements only.
>           It is archived here.
>
>    tcpdump-workers () tcpdump org
>           This  list  is  for  discussion  of  code. It will also receive
>           announcements,  so  one  need only subscribe to one list or the
>           other.
>           It is archived here.
>           There is also a digested version of this list.
>           Posts  to  this  list  must  originate  from  the  subscriber's
>           address.
>
>    tcpdump-nomail () tcpdump org
>           This  list  receives  no mail. It exists as a list of alternate
>           email   addresses   from   which   people   may   post  to  the
>           tcpdump-workers list.
>
>    To subscribe to these lists, please email to
>    tcpdump-workers-request () tcpdump org, or
>    tcpdump-announce-request () tcpdump org.   In  the  body,  put  the  word
>    "subscribe".
>
>    We  are now using SourceForge.net for bug tracking. Please submit bugs
>    here:
>    libpcap: bugs | patches
>    tcpdump: bugs | patches
>
> What can I do?
>
>    We need people to:
>      * download and test versions of tcpdump on their platform
>      * write release notes
>      * contribute code
>      * maintain web pages (less important now)
>
>
>     Last updated: $Date: 2002/12/16 21:43:16 $ by JWS


_________________________________________________________________


-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe